package com.vecspace.web;

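public class CharsetUtils {
	/**
	 * Escapes the five HTML-significant characters in a string so that it can be
	 * written into a page as text, as a defence against cross-site scripting.
	 *
	 * <p>The replacements are: {@code &} to {@code &amp;}, {@code <} to {@code &lt;},
	 * {@code >} to {@code &gt;}, {@code '} to {@code &#039;} and {@code "} to
	 * {@code &quot;}. Every other character is copied through unchanged.
	 *
	 * <p>Scope of the protection: this is HTML entity encoding, which covers values
	 * placed in HTML element content and in quoted attribute values. It is not
	 * sufficient on its own for values written into script blocks, inline event
	 * handlers, URLs, CSS or unquoted attributes; those contexts need their own
	 * context-specific encoding.
	 *
	 * <p>The method is not idempotent: an {@code &} is always escaped, so input that
	 * is already encoded is encoded a second time ({@code &amp;} becomes
	 * {@code &amp;amp;}). Apply it once, at the point of output.
	 *
	 * @param str the raw value to escape; may be {@code null} or empty
	 * @return the escaped string, or {@code str} itself when it is {@code null},
	 *         empty, or contains none of the five characters
	 * @author wanghua
	 */
	public static String filterHtmlChar(String str){
		if(str == null || str.length() == 0) {
			return str;
		}
		final int length = str.length();
		// Allocated lazily so that input with nothing to escape is returned as-is.
		StringBuilder escaped = null;
		for (int i = 0; i < length; i++) {
			final char c = str.charAt(i);
			final String entity;
			switch (c) {
				case '&':
					entity = "&amp;";
					break;
				case '<':
					entity = "&lt;";
					break;
				case '>':
					entity = "&gt;";
					break;
				case '\'':
					entity = "&#039;";
					break;
				case '"':
					entity = "&quot;";
					break;
				default:
					entity = null;
					break;
			}
			if (entity == null) {
				if (escaped != null) {
					escaped.append(c);
				}
				continue;
			}
			if (escaped == null) {
				// First character needing escape: copy the untouched prefix once.
				escaped = new StringBuilder(length + 16);
				escaped.append(str, 0, i);
			}
			escaped.append(entity);
		}
		// A single pass means the '&' of an entity just written is never re-escaped,
		// which matches the original "ampersand first" replacement order.
		return escaped == null ? str : escaped.toString();
	}
}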
